module.exports = opt => {
	return async function (ctx, next) {
		const token = ctx.request.header.authorization
		let decode = ''
		if (token) {
			try {
				decode = ctx.app.jwt.verify(token, opt.secret)
				ctx.decode = decode
				await next()
			} catch (e) {
				return ctx.helper.error(e.message, 403)
			}
		} else {
			ctx.helper.error('权限校验失败', 403)
			return
		}
	}
}
